Welcome Guest!
 Grapevine
 Previous Message All Messages Next Message 
Re: malware email - Sobig  jsampson+indexes
 Oct 23, 2003 03:09 PDT 

Hello -

The ones coming here have all had '.zlo' file endings. I don't know what
legitimate application uses/produces files with that ending. If I had a
filter that zapped email with '.zlo' attachments I would have my answer.

But in any case, when would a legitimate 'bounce' notification have an
attachment?

Regards

_John Sampson_


 The name of the attachment will vary: your_document.pif,
document_all.pif, thank_you.pif, etc. There is a common theme,
though -- Sobig-F's infections all arrive as ".pif" or ".scr"
files.
 Previous Message All Messages Next Message 
  Check It Out!

  Topica Channels
 Best of Topica
 Art & Design
 Books, Movies & TV
 Developers
 Food & Drink
 Health & Fitness
 Internet
 Music
 News & Information
 Personal Finance
 Personal Technology
 Small Business
 Software
 Sports
 Travel & Leisure
 Women & Family

  Start Your Own List!
Email lists are great for debating issues or publishing your views.
Start a List Today!

© 2001 Topica Inc. TFMB
Concerned about privacy? Topica is TrustE certified.
See our Privacy Policy.